In the decades following the tragedy of 9/11, air travelers around the globe became accustomed to heightened security levels for access to air travel. High security at airports became ‘normal.’ A similar shift for electronic commerce is inevitable. Complex technologies that can be exploited and persistent criminals guarantee it.

Just like threat level “orange” is the new normal for air travel, businesses that use networks that touch other networks, or rely on the Internet, are being confronted with a “market condition” similar to that of air travel. The ability to counter cybercrime and have effective contingency plans in place when it happens is becoming as important and routine as product development or marketing.

Following the high profile breach at Target, followed by the news that Neiman Marcus had also been victimized, the FBI has issued warnings to retailers that the threat of attacks and breaches of credit card data remains high. Retailers, online financial services and nearly anyone who conducts business online should get used to it. The cyber threat level for electronic commerce is orange, or potentially worse – and it won’t change anytime soon.

Further evidence of the severe impact of cybercrime on the global economy can be gleaned from the fact that the United Nations Office on Drugs and Crime commissioned a focused study of cybercrime. The intent was to gain a better understanding of the impact of cybercrime on the economies in the developing world. The UN’s concern was that some developing economies relying on the Internet as an economic gateway could be completely derailed if targeted by persistent criminals.

In the late 1980s, when the National Science Foundation was evaluating opening the NSFNET (1) to commercial traffic, NSF held open hearings on the benefits. An often expressed concern was how a network of interconnected networks, or an Internet, could be protected if almost any node on the network could connect to any other. Some 30 years later, that is still proving to be a challenge. Obviously, the Internet is not going away, suggesting that solving a problem that has remained a problem for 30+ years requires different thinking about securing connections and stronger user authentication.

While the Target data breach did not directly involve Target’s online presence and websites, the Internet certainly enabled the cybercriminal or criminals behind the breach to deliver the malware to the point-of-sale network that was ultimately the point of attack. Somehow, a bit of software was installed that shouldn’t have been.

Similar to the way some bank accounts require dual control, that is, two-party approval for a financial transaction, perhaps the installation of an .exe should require dual approval. Current secure messaging and interactive authentication applications could make this possible.

At some point, the security business will have to become as creative as the cybercriminal business.

The Internet enables an entire criminal economy with malware developers, network hackers, information sellers, bot herders and others to operate remotely. Their ability to operate remotely helps them thrive, as does their ability to operate across multiple jurisdictions and international boundaries. Cybercrime has become the business of choice in economies that do not offer similarly high paying legitimate opportunities for the technically proficient.

Businesses that learn to effectively protect themselves and protect their customers will gain a competitive advantage relative to this new market dynamic. In fact, it’s notable that one credit card brand has begun to use the word ‘security’ in its television commercials as a benefit of membership.

The latest round of data breaches may well be the watershed event raising measurement of security posture vs. current threat level to the importance of market share or new product development.

John Zurawski is a senior executive in sales and marketing for Authentify.

[1]NSFNET was the National Science Foundation Network used to provide remote access to NSF-sponsored super computers hosted at universities and National Laboratories. NSFNET was one of the wide area networks that evolved into the Internet as it exists today.